CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
58.5%
The specific version of PHP that the system is running is reportedly affected by the following vulnerabilities:
Apple Mac OS X contains an unspecified flaw in the Intel Graphics Driver. This may allow a local attacker to gain knowledge of kernel memory layout and in turn bypass security mechanisms like Kernel Address Space Layout Randomization (KASLR).
Technical Information: By itself this issue has no real security impact. Combined with certain types of other vulnerabilities that allow code execution, this issue may make exploitation more reliable. (CVE-2016-1860)
Apple Mac OS X contains an overflow condition in the NVIDIA Graphics Driver (GeForce.kext). This may allow a local attacker to cause a stack-based buffer overflow and potentially execute arbitrary code with kernel privileges. (CVE-2016-1861)
Apple Mac OS X contains an unspecified flaw in the Intel Graphics Driver. This may allow a local attacker to gain knowledge of kernel memory layout and in turn bypass security mechanisms like Kernel Address Space Layout Randomization (KASLR). (CVE-2016-1862)
Binary data 800143.prm
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1860
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1861
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1862
seclists.org/bugtraq/2016/May/76
seclists.org/fulldisclosure/2016/May/45
bugs.chromium.org/p/project-zero/issues/detail?id=724
support.apple.com/en-us/HT206567
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
58.5%